Releases: Melapress/wp-security-audit-log

Activity logs for WordPress Cron, Redirection plugin and more.

12 Sep 18:54
39f1342
  • New event IDs to report changes in Redirections plugin
    In this update we are introducing out-of-the-box activity logging for changes done in the configuration of the Redirections plugin.

    • Event ID 10501: A new redirection was created.
    • Event ID 10502: Activated a redirection.
    • Event ID 10503: Deactivated a redirection.
    • Event ID 10504: Changed the source URL of a redirection.
    • Event ID 10505: Changed the query parameter of a redirection.
    • Event ID 10506: Changed the target URL of a redirection.
    • Event ID 10507: Changed the redirection group of a redirection.
    • Event ID 10508: Deleted a redirection.
    • Event ID 10509: Created a new redirection group.
    • Event ID 10510: Activated a redirection group.
    • Event ID 10511: Deactivated a redirection group.
    • Event ID 10512: Renamed a redirection group.
    • Event ID 10513: Changed the module type of a redirection group.
    • Event ID 10514: Deleted a redirection group.
  • New event IDs to report WordPress Cron changes etc
    In this update we are introducing coverage of changes in the WordPress cron and the cron jobs / tasks.

    • Event ID 6066: A new one-time task has been scheduled in the cron.
    • Event ID 6067: A new recurring task has been scheduled in the cron.
    • Event ID 6068: The schedule of a recurring cron task has changed.
    • Event ID 6069: A one-time task has been executed by cron.
    • Event ID 6070: A recurring task has been executed by cron.
    • Event ID 6071: A one-time task has been deleted from the cron.
    • Event ID 6072: A recurring task has been deleted from the cron.
  • Other generic new event IDs

    • Event ID 6063: A new website site icon (favicon) has been added.
    • Event ID 6064: The website site icon (favicon) was removed.
    • Event ID 7013: Updated WordPress on the network subsites.
    • Event ID 5720: Activated or deactivated a GravityForms form.
    • Event ID 9155: A comment was added to a WooCommerce order.
    • Event ID 9156: A comment was deleted from a WooCommerce order.
  • Plugin & functionality improvements

    • Plugin checks for an existing session cookie when a user navigates directly to the login page, so new user sessions are not created unnecessarily and no users are locked out when session management features are enabled.
    • Set the default activity log retention policy to 3 months if not configured by the user.
    • User is redirected to the activity log viewer page upon installing the plugin.
    • Added some padding / improved plugin's activity log view in MainWP.
    • Added new top floating menu and a banner + footer links in the Free edition of the plugin.
    • Improved the text of event ID 6063.
    • Removed redundant code that was used to count the number of failed login attempts from an IP address. Now plugin reports every failed login attempt as an individual event in the log.
    • Removed redundant code that was used to enable early plugin loading (was typically used on websites that use admin blocking plugins).
    • Optimized the WooCommerce sensor to properly report the changes that take place when an order is placed in WooCommerce - previously it reported too many events, which might be confusing.
    • Improved support for custom WooCommerce order names (YITH).
    • Event ID 1005 (user logged in from a different device) now counts towards the total number of logins when generating user login / activity reports.
    • Added the "Settings" node in the MainWP menu (previously only available on the WordPress native dashboard, even when installed on MainWP).
    • Applied several recognition updates to the detection of reverse proxy and WAF IP addresses feature.
    • Added some minor UI tweaks to the HTML reports.
  • Bug fixes

    • Fixed a number of fatal errors in the WooCommerce sensor which were caused in some edge cases.
    • Fixed: Redirect group is now reported in event ID 10501. Previously "null" was reported.
    • Fixed: Incorrect time was being reported in the Retention policies settings for the purging of old data in the activity log.
    • Fixed: plugin settings not removed when option to delete settings upon uninstall is enabled on a multisite network.
    • Fixed: event ID 9156 (changed note in WooCommerce order) reported instead of event ID 9155 (added note to a WooCommerce order).
    • Form URL was not reported in some event IDs which report changes in Gravity Forms form changes.
    • Fixed: Fatal error when editing WooCommerce products prices in bulk with Advanced Bulk Edit plugin.
    • Fixed: Event ID 6064 reported instead of ID 6065 when switching the favicon.
    • Fixed: Event ID 9156 was reported twice in the activity log when a WooCommerce order was placed by a non-logged in user.
    • Fixed a number of PHP Notices, warnings and deprecated code messages by improving the code for better support of more recent PHP versions.
    • Fixed: Plugin was not reporting the change when the price of a WooCommerce product is changed to NULL via the REST API.
    • Fixed a warning about an undefined array key "zapier_integration_active" when saving changes in the Yoast SEO plugin.
    • Fixed a crash in the WooCommerce sensor which happens when a new WooCommerce user is registered.
    • Addressed problem with Redirection sensor when Rest API endpoint is checked.
    • Fixed a crash and a number of PHP notices which are triggered when the Redirects plugin and Elementor are installed on the website.
    • Addressed problem with system sensor when cron job is checked.

Maintenance followup update to 5.0.0

04 Jul 08:11
96fa34b
  • Improvements

    • Updated / improved the help text of some of the plugin's settings.
    • Added an update notice so people can easily see what is new and improved when they upgrade.
    • Updated the text of event ID 1002 and 1003 (failed logins).
    • Standardized UTM parameters used in the plugin links.
    • Updated the text of some of the events listed in the Enabled/Disable events section.
  • Bug fixes

    • Fixed a number of PHP warnings - improving compatibility with several versions of PHP.
    • Fixed a PHP fatal error in the Advanced Custom Field sensor which occurs in some specific setups.

Merging of MainWP extension + bulk actions + ACF support

22 May 10:47
9fa73ba
  • New Activity Log event IDs

    The event IDs below keep a log of changes in the Advanced Custom Field (ACF) plugin activity:

    • Event ID 10000: A post type was created
    • Event ID 10001: A post type was activated/deactivated
    • Event ID 10002: A post type was renamed
    • Event ID 10003: A post-type singular name was renamed
    • Event ID 10004: A post-type key was modified
    • Event ID 10005: A post type's Taxonomies were modified
    • Event ID 10007: A post type was moved to trash
    • Event ID 10008: A post type was restored from trash
    • Event ID 10010: A Taxonomy was created
    • Event ID 10011: A Taxonomy was activated / deactivated
    • Event ID 10012: A Taxonomy was renamed
    • Event ID 10013: A Taxonomy singular label was renamed
    • Event ID 10014: A Taxonomy key was modified
    • Event ID 10015: A Taxonomy's post type was modified
    • Event ID 10017: A Taxonomy was moved to trash
    • Event ID 10018: A Taxonomy was restored from trash
    • Event ID 10019: A Taxonomy was deleted
    • Event ID 10020: A Taxonomy term was created
    • Event ID 10021: A Taxonomy term was renamed
    • Event ID 10022: A Taxonomy term was deleted
    • Event ID 10023: A Taxonomy term's slug was modified
    • Event ID 10024: A post's taxonomy terms were modified

    Also in this update, we have added a number of event IDs to keep a log of changes in the WP 2FA plugin and changes in the users' 2FA setup:

    • Event ID 7800: WP 2FA Enforcement policy updated
    • Event ID 7801: WP 2FA enforcement policies have been disabled
    • Event ID 7802: WP 2FA enforcement list was modified
    • Event ID 7803: WP 2FA exclusion list was modified
    • Event ID 7804: WP 2FA Enforcement policy updated
    • Event ID 7805: WP 2FA Trusted device was enabled / disabled
    • Event ID 7806: WP 2FA trusted device remember length modified
    • Event ID 7807: WP 2FA require password resets on unblock was enabled / disabled
    • Event ID 7808: A user configured 2FA
    • Event ID 7809: A WP 2FA user policy was enabled / disabled a method
    • Event ID 7810: A user removed the 2FA setup
    • Event ID 7811: A user has been locked for not configuring 2FA
    • Event ID 7812: A blocked user has been unblocked

  • New features

    • Added bulk action options in the Activity Log viewer, allowing admins to disable specific event IDs, or exclude users and IP addresses from the logs using bulk actions.
    • Setting to exclude posts by Post Status in the activity log.
  • Improvements

    • Integrated the Activity Log extension for MainWP into the core plugin.
    • Resolved multiple MainWP-related issues, improved log extraction, report generation, and overall performance.
    • Improved metadata layout for Event ID 2016, which is reported when a user changes categories on a post.
    • The plugin now stores both user_id and username in the database for all alerts.
    • Every failed login attempt is logged as an individual event in the activity log.
    • Default 'From' email address matches the user's site domain to improve email deliverability.
    • The version of both the previous and new plugin version is now logged in event ID 5004, which is used to keep a log of plugin updates.
    • Fixed a number of broken URLs in the free edition of the plugin.
    • Updated and optimized imagery in the free edition for better size and quality.
    • Replaced outdated branding references throughout the plugin.
    • Updated the logo for the Melapress File Monitor plugin in the Settings page.
    • Applied several minor UI and UX tweaks inside the activity log viewer - adjusted width / height and alignment of some elements.
    • Improved the logic of retrieving user's data from database for better performance.
    • Implemented various minor code tweaks to improve overall plugin speed, performance, and stability.
  • Bug fixes

    • Corrected the logic and info messages when disabling Event IDs directly from the Activity Log viewer.
    • Resolved an edge case where WP Engine Smart Plugin Manager was returning random usernames as actors when updating plugins on the site.
    • Addressed missing metadata for 'username' in the Custom Email Notification template triggered by failed login attempts.
    • Fixed a bug causing the system info file to display the same title for both Free and Premium editions when both were installed.
    • Resolved an issue where WooCommerce Event ID 9105 was not captured if the user placing the order was not logged in.
    • Corrected class references within the plugin's core (widget sensor).
    • Fixed the built-in notification for failed login attempts to properly show the user's IP address (there were edge cases in which it wasn't).
    • Resolved a bug with the 'hide plugin from other admins' setting that allowed some users to still see the plugin as installed.
    • Fixed numerous PHP warnings generated by the WooCommerce sensor.
    • Resolved an issue causing some Event IDs not to trigger custom notifications if the activity occurred on the site frontend.
    • Corrected the year not being replaced correctly in the main plugin PHP file.
    • Fixed a number of PHP warnings that could be generated by the plugin when WooCommerce orders were placed.
    • Addressed PHP warnings generated by the GravityForms built-in sensor.
    • Fixed a bug which caused the wsal_cleanup cron to not fire correctly, so old logs and expired sessions could not be removed properly.

Maintenance fix + fix for crash in install wizard

15 Feb 10:17
b88af55
  • Bug fixes
    • Fixed: Undefined array warning shown on website's front-end when running Gravity Forms in certain setups.
    • Exception handling added for when uploading a PDF as a WooCommerce product image.
    • Fixed: fatal error in third step of install wizard when plugin is installed on a vanilla WordPress.

Support for new pricing + plans + maintenance update

08 Feb 16:09
00f951e
  • Improvements

    • Added support to the new plans and prices (February 2024 change).
    • Upgraded the Freemius SDK to 2.6.2.
    • Updated a number of links in the plugin (links used in help text etc).
    • Removed hardcoding of post types and post statuses in search filters.
    • Continued code refactoring - code removed from main plugin file, created new classes etc.
  • Bug fixes

    • Option for event ID 5709 was not showing when filtering the list of event IDs in the Enable/Disable events section.
    • Fixed error generated when duplicating forms on Gravity Forms.
    • Fixed: plugin keeping a log of forms submission even when the option to keep a log by website visitors was disabled.
    • Added event ID check when extracting the last occurrence from the database.
    • Addressed a number of PHP errors generated when running the plugin on PHP 8.2
    • Fixed a server error generated when exporting search results.
    • Fixed issue with event ID 9036, where a PHP notice was generated when an order status in WooCommerce was changed.

Maintenance update

09 Jan 14:58
64210a2
  • Plugin & features improvements

    • Fixed a number of broken links in the UI (search filters) and Enable/Disable events section.
  • Security issue

    • Fixed an XSS in the activity log viewer identified by NamGyu Kang.
  • Bug fixes

    • Extension update notice introduced in 4.6.0 cannot be dismissed in certain situations.
    • Fixed: Fatal error in WP_Content_sensor triggered in some edge cases.
    • Fixed: Error in MirrorLogger.php triggered by a bad / broken migration of activity log events.
    • Fixed: Fatal error on multisite network when upgrading from 4.5.2 to >4.6.0.
    • Addressed a Composer error triggered when installing Premium over Free edition of the plugin in certain versions.

Added text-based search and major core update

17 Oct 15:51
da72d5e

Release notes: Text search added to free & major core update

  • New activity log event IDs

    • Event ID 6061: With this event ID the plugin keeps a log of when an email is sent from the website.
    • Event ID 9123: A WooCommerce coupon was moved to trash.
    • Event ID 9124: A WooCommerce coupon was permanently deleted.
    • Event ID 9125: The visibility of a WooCommerce coupon was changed.
    • Event ID 9126: The published date of a WordPress coupon was changed.
    • Event ID 9127: A WooCommerce coupon was restored from trash.
  • New features

    • Free text search included in the free edition of the plugin.
    • Added support for WP CLI: a number of plugin options can be configured via WP CLI post plugin activation.
  • Plugin & features improvements

    • Continued the second phase of the major plugin core refactoring, including reviewing, refactoring and documenting the sensors loading, classification process etc.
    • Rewritten all the MySQL connection & database communication classes.
    • Moved all third party plugins extensions (such as those for WooCommerce and Yoast SEO) to the plugin core, meaning extensions are no longer required.
    • Code cleanup: removed redundant old code and a number of obsolete files.
    • Activity log viewer is now using all the standard WordPress UI features (screen options, bulk options etc) for a more seamless experience.
    • Improved support / activity log coverage for Yoast SEO, WPForms, Gravity Forms, and Memberpress.
    • Improved coverage for WooCommerce and also supporting the latest version of WooCommerce: 8.X.
    • Switched the default activity log viewer view mode to pagination.
    • Rebranded the developer / ads / text etc - WP White Security is now Melapress.
    • Improved the activity log data inspector view - now data inspector is within the activity log viewer.
    • Removed the plugin setting to select which columns to show in the activity log viewer. Now the plugin uses the standard WordPress screen options.
    • Removed the Grid view completely.
    • Added the database info to the system info file (useful for support / troubleshooting).
    • Removed all meta related classes and switched to a universal entity class / switch to arrays instead of objects.
    • Updated the Freemius SDK to 2.5.12.
  • Bug fixes

    • Fixed: A number of PHP Warnings generated when the Export/Import setting was used on multisite networks.
    • Fixed: Deleting data upon uninstallation was generating WordPress database errors and PHP warnings in the free edition.
    • Fixed: Prevented PHP Warnings / Notices when a Custom Template was used in creating custom notifications.
    • Fixed: Erroneous plugin behavior when the "only me" Setting for Admins to access plugin settings is enabled.
    • Fixed: Custom "From Email Address" not showing up properly in plugin's mail recipients.
    • Fixed: Extended logic in default email templates preventing IP Addresses from being displayed in a number of edge cases.
    • Fixed: Events generated on-site's front end not reaching the Syslog server during mirroring.
    • Fixed: The Custom User field in the Exclude Objects tab was not saving values properly.

Maintenance update

05 Jul 08:33
  • Bug fixes
    • Fixed issue which could cause a memory issue when migrating from older WSAL versions.
    • Fixed error which could cause 'Excluded custom user fields' to not save when updating.
    • Fixed issue which could cause a fatal error when saving pages via the Oxygen Builder plugin.

Maintenance update

11 May 14:42
9c23cc1
  • Plugin & features improvements

    • Improved PHP 8.2 compatibility.
    • Replaced the ellipsis icon used for the Event data viewer with a "More details" button in the activity log viewer.
    • Updated a number of hooks (better interoperability) used in custom sensors.
    • Improved the "installed plugin" check to only show one extension notification when both the free and premium edition of a plugin are installed at the same time.
    • Activity log data is also automatically deleted from the archive database when using the logs data deletion tool.
  • Security updates

    • Fixed a number of CSRFs, missing authorization & missing capabilities checks
  • Bug fixes

    • Fixed: Fatal error reported when cloning a site on a multisite network with the NS Cloner plugin.
    • Fixed: Plugin was not retrieving the correct IP address when using a reverse proxy since update 4.5.0.
    • Addressed a number of PHP Warnings reported when using the WP Rocket plugin to purge the cache.
    • Fixed: PHP warning when saving Exclude Objects settings.
    • Setting up a mirroring connection and configuring the mirror of logs was not being reported in the logs.
    • Fixed: Fatal error when using the User Switching plugin to switch a user's session.
    • Fixed: Logins from non-native login forms (such as those from WooCommerce) were not captured correctly since update 4.5.0.
    • Fixed: Plugin not terminating existing user session when the setting to "overwrite existing session" was enabled.

Phase 1: refactoring the plugin's core code

12 Apr 05:50
eab67f3

Release notes: Announcing WP Activity Log 4.5

  • Plugin & features improvements

    • Refactoring the plugin's core phase 1 - improved performance, reliability and maintainability.
    • Better support for PHP8 - addressed all reported warnings and fatal errors.
    • Event ID 2002 is now reported when a user changes something in a post for which the plugin does not have a specific event ID.
    • Added checks to the excluded objects placeholders to ensure users do not specify wrong objects in the wrong setting.
    • Replaced technical term severity labels with friendly ones. For example WSAL_HIGH is now High severity.
    • Added some new help text and improved existing help text in some pages throughout the plugin.
    • Improved support for RTL setups in the activity log viewer.
    • Improved the way the database table changes are detected by the plugin - all event IDs used for database changes monitoring are now enabled by default.
    • Improved the sensor that detects page changes (page created, deleted or changed) done automatically via plugins.
    • UI/UX improvements in the reports page and the settings for the periodic reports.
  • Bug fixes

    • Fixed: Event ID 7009 (user changed the maximum upload file size for a site on a multisite network) was wrongly logged instead of event ID 7011 (user changed the maximum upload file size for the network).
    • Fixed: Renaming a menu was not reported correctly, event ID 2085 (Changed menu items order) was reported instead.
    • Fixed: Error reported in the message of event ID 6060 (Changed the status of an event ID).
    • Fixed: WP Activity Log now keeps a log when it is activated or deactivated.
    • Fixed: Deleting events with "Informational" severity deletes all events in the log.
    • Fixed: Fatal error in class-alert-manager.php when excluding a user and its role at the same time.
    • Fixed: Super Admin role added to Admin user in logs on a single site.
    • Fixed: PHP warning in /classes/Sensors/Multisite.php on a multisite network when running NOFS edition of the plugin on some specific multisite network setup.
    • Fixed: Plugin version update notice still shown in the NOFS edition of the plugin even when the plugin is up to date.
    • Fixed: When objects are excluded from the activity log.
    • Fixed: Event ID 6052 (Changed activity log retention settings) was not reported if the setting is already on "delete events older than" and the user changes the number of months or years.
    • Fixed: Event IDs 6053 - 6058, used to keep a log of when objects are excluded from the activity log are not reported in a multisite network environment.
    • Fixed: HTML code was shown instead of characters in some drop down menus in the Reports module pages.
    • Fixed: Site title change not reported (Event ID 6059).
    • Fixed: The daily summary email was not reporting file changes reported in the website through the Website File Changes Monitor plugin.
    • Fixed: Tags and Mirror identifier settings removed from Syslog and Slack mirroring settings - these are only used by third parties such as Amazon Cloudwatch and Papertrail.
    • Fixed: Report for number of published posts by user contained duplicate entries.
    • Fixed: Event ID 6034 (Purged activity log) also reported alongside event ID 6006 when resetting plugin settings to default.
    • Date filters in reports were not applied correctly; the plugin was also including events that happened within 24 hours before the start date.